Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 235798 (CVE-2008-4982) - app-forensics/rkhunter: audit wrt insecure temp file usage (CVE-2008-4982)
Summary: app-forensics/rkhunter: audit wrt insecure temp file usage (CVE-2008-4982)
Status: RESOLVED INVALID
Alias: CVE-2008-4982
Product: Gentoo Security
Classification: Unclassified
Component: Auditing (show other bugs)
Hardware: All Linux
: High normal (vote)
Assignee: Gentoo Security
URL: http://bugs.debian.org/496375
Whiteboard:
Keywords:
Depends on:
Blocks: 194832 debian-tempfile
  Show dependency tree
 
Reported: 2008-08-26 17:04 UTC by Christian Hoffmann (RETIRED)
Modified: 2008-11-08 00:22 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Christian Hoffmann (RETIRED) gentoo-dev 2008-08-26 17:04:56 UTC
See $URL and bug 235770.
Comment 1 Christian Hoffmann (RETIRED) gentoo-dev 2008-08-26 17:09:24 UTC
All in-tree versions (1.2.7-r1, 1.2.8, 1.2.9) only install scripts which either use mktemp properly or place temporary files in a pre-created directory which is owned by the super user.
The user may change this path using the --tmpdir option in some cases, but even in that case rkhunter warns about it if the user tries to use /tmp.

Debian ships a newer version of this package, so we should be careful when bumping.

So:
Currently not affected
Might be affected in the future if new versions of rkhunter find their way into the tree.

BTW: Several scripts in the tarball look like they are vulnerable to temporary file issues, but we don't install those.